US2024362098A1PendingUtilityA1

Method and system for real-time identification of blast radius of a fault in a globally distributed virtual desktop fabric

72
Assignee: WORKSPOT INCPriority: Jun 29, 2022Filed: Jul 8, 2024Published: Oct 31, 2024
Est. expiryJun 29, 2042(~16 yrs left)· nominal 20-yr term from priority
G06F 9/452G06F 11/079G06F 11/0784G06F 11/0712
72
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A system and method for determining a blast radius of a major incident occurring in a virtual desktop system is disclosed. The virtual desktop system has interconnected service components and provides access to virtual desktops by client devices. An event collection module collects events from the service components. An aggregation module merges the collected events in a time-ordered stream, provides context to the events in the time-ordered stream through relationships between the collected events, and generates a correlated event stream. An analysis module determines a stream of problem reports from the correlated event stream. The analysis module determines a spike in the stream of problem reports and determines the attributes of the problem reports in the spike to define the major incident. The analysis module determines a scope of the major incident and a corresponding attribute, to determine a blast radius associated with the major incident in the desktop system.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
         1 - 20 . (canceled) 
     
     
         21 - 30 . (canceled) 
     
     
         31 . A diagnostic system for determining a blast radius from a major incident in a virtual remote desktop system providing access to virtual desktops by client devices, the virtual remote desktop system having network interconnected service components including servers executing a virtual machine to execute the virtual desktops and the client devices, the diagnostic system comprising:
 an event collection module coupled to the service components of the desktop system, the event collection module collecting events data via the network, the events data generated electronically from the service components including the servers and the client devices;   an aggregation module coupled to the event collection module, the aggregation module executed by a processor, the aggregation module merging the collected events data in a time-ordered stream, providing context to the events data in the time-ordered stream through relationships between the collected events data, and generating a correlated event stream; and   an analysis module executed by a processor configured to:
 determine a stream of problem reports from the correlated event stream; 
 determine a spike in the stream of problem reports; 
 determine the attributes of the problem reports in the spike to define the major incident; and 
 determine a scope of the major incident and a corresponding attribute to determine a blast radius of service components associated with the major incident in the virtual remote desktop system; and 
   a reporting module executed by the processor to send a command over the network to one or more of the service components in the blast radius to execute a mitigating action for the one or more of those service components.   
     
     
         32 . The system of  claim 31 , wherein the one or more service components include individual cloud desktops or application servers, and the mitigating action is an upgrade to a CPU or memory capacity of the individual cloud desktops or application servers. 
     
     
         33 . The system of  claim 31 , wherein the one or more service components include a cluster of remote display protocol gateways, wherein the mitigation action includes an expansion of the size of a cluster of the remote display protocol gateways, an upgrade to a CPU of an individual remote display protocol gateway, or an upgrade to memory capacity of an individual remote display protocol gateways. 
     
     
         34 . The system of  claim 31 , wherein the mitigating action includes a reconfiguration to redirect end users to a virtualization infrastructure of service components outside of the blast radius. 
     
     
         35 . The system of  claim 31 , wherein the mitigating action includes an update to network configuration, including the configuration of domain name services to restore access to authorization. 
     
     
         36 . The system of  claim 31 , wherein the mitigating action includes an update to configurations of a cloud service provider configurations, the update including an inventory of resources available within the cloud provider service subscription. 
     
     
         37 . The system of  claim 31 , wherein the mitigating operation includes an update to authentication service configurations, authorization service configuration, or security provider service configurations. 
     
     
         38 . The system of  claim 31 , wherein the reporting module recommends another mitigating action based on the determined corresponding attribute. 
     
     
         39 . The system of  claim 31 , wherein the reporting module generates an interface on the display showing the service components affected by the blast radius. 
     
     
         40 . The system of  claim 31 , wherein the service components include at least one of installed client software, networks used by endpoint client devices, cloud APIs for managing virtual desktop infrastructure, regional resources, gateway hosts, virtual desktop hosts, agent services, virtual application servers, virtual desktop operating systems, computing services, storage services, and network services. 
     
     
         41 . The system of  claim 31 , further comprising:
 a desktop service control plane coupled to the service components and other event sources, wherein the desktop service control plane includes a monitoring service to report faults from the components; and   an event data repository storing the events, the event collection module being coupled to the event data repository and storing collected events to the event data repository.   
     
     
         42 . A method for mitigating a blast radius of a major incident in a virtual remote desktop system providing virtual desktops to client devices, the virtual remote desktop system having network interconnected service components including servers executing a virtual machine to execute the virtual desktops and the client devices, the method comprising:
 collecting events data of service components via the network, the events data generated electronically from all service components traced to a fault including the servers and the client devices;   merging the collected events data in a time-ordered event stream via a processor;   correlating the collected events data in the time-ordered event stream to show relationships across events data to create a correlated event stream;   determining a stream of problem reports from the correlated event stream; determine a spike in the stream of problem reports via the processor;   determining the attributes of the problem reports in the spike to define the major incident via the processor;   determining a scope of the major incident and a corresponding attribute to determine the blast radius associated with the major incident in the virtual remote desktop system via the processor; and   sending a command to at least some of service components in the blast radius to perform a mitigating action.   
     
     
         43 . The method of  claim 42 , wherein the one or more service components include individual cloud desktops or application servers, and the mitigating action is an upgrade to a CPU or memory capacity of the individual cloud desktops or application servers. 
     
     
         44 . The method of  claim 42 , wherein the one or more service components include a cluster of remote display protocol gateways, wherein the mitigation action includes an expansion of the size of a cluster of the remote display protocol gateways, an upgrade to a CPU of an individual remote display protocol gateway, or an upgrade to memory capacity of an individual remote display protocol gateways. 
     
     
         45 . The method of  claim 42 , wherein the mitigating action includes a reconfiguration to redirect end users to a virtualization infrastructure of service components outside of the blast radius. 
     
     
         46 . The method of  claim 42 , wherein the mitigating action includes an update to network configuration, including the configuration of domain name services to restore access to authorization. 
     
     
         47 . The method of  claim 42 , wherein the mitigating action includes an update to configurations of a cloud service provider configurations, the update including an inventory of resources available within the cloud provider service subscription. 
     
     
         48 . The method of  claim 42 , wherein the mitigating operation includes an update to authentication service configurations, authorization service configuration, or security provider service configurations. 
     
     
         49 . The method of  claim 42 , further comprising generating an interface on the display showing the service components affected by the blast radius. 
     
     
         50 . A diagnostic system for determining a blast radius from a major incident in a virtual remote desktop system providing access to virtual desktops by client devices, the virtual remote desktop system having network interconnected service components including servers executing a virtual machine to execute the virtual desktops and the client devices, the diagnostic system comprising:
 an event collection module coupled to the service components of the desktop system, the event collection module collecting events data via the network, the events data generated electronically from the service components including the servers and the client devices;   an aggregation module coupled to the event collection module, the aggregation module executed by a processor, the aggregation module merging the collected events data in a time-ordered stream, providing context to the events data in the time-ordered stream through relationships between the collected events data, and generating a correlated event stream; and   an analysis module executed by a processor configured to:
 determine a stream of problem reports from the correlated event stream; determine a spike in the stream of problem reports; 
 determine the attributes of the problem reports in the spike to define the major incident; and 
 determine a scope of the major incident and a corresponding attribute to determine a blast radius composed of all service components associated with the major incident.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.